<!--#include file="lib/utf-8.asp"-->
<!--#include file="lib/connopen.asp"-->
<!--#include file="lib/asp-common-lib.asp"-->
<!--#include file="lib/asp-json-lib.asp"-->
<%
Response.ContentType = "application/json"
action=saferequest("action",0)
old_password=Ucase(saferequest("old_password",0))
new_password=Ucase(saferequest("new_password",0))
confirm_password=Ucase(saferequest("confirm_password",0))
checkchangepws=saferequest("checkchangepws",0)
'response.write(username)
'response.end
dim json
set json=jsObject()
json("bStatus")=false
' if old_password="" then
	' json("sInfo")="原密码不能为空"
' elseif new_password="" or confirm_password="" then
	' json("sInfo")="新密码不能为空"
' elseif len(old_password)<6 or len(new_password)<6 or len(confirm_password)<6 then
	' json("sInfo")="密码要求长度为6-10位"
' elseif new_password<>confirm_password then
	' json("sInfo")="新密码不匹配"
' elseif old_password=new_password then
	' json("sInfo")="新密码与原密码不能相同"
' elseif not CheckPassword(new_password) then
	' json("sInfo")="新密码必须包含数字和字母"
    
if checkchangepws=1 then
	json("sInfo")="原密码不能为空"
elseif checkchangepws=2 then
	json("sInfo")="新密码不能为空"
elseif checkchangepws=3 then
	json("sInfo")="密码要求长度为6-10位"
elseif checkchangepws=4 then
	json("sInfo")="新密码不匹配"
elseif checkchangepws=5 then
	json("sInfo")="新密码与原密码不能相同"
elseif checkchangepws=6 then
	json("sInfo")="新密码必须包含数字和字母"
elseif action="确定" and checkchangepws=0 then
	set rs=server.createobject("adodb.recordset")
	sql="select * from username where id="&session("iId")&" and [password]='"&old_password&"' and active=true"
	rs.open sql,conn,1,1
	if not rs.eof then
		call ExecuteCommand("update username set [password]='"&new_password&"' where id="&session("iId")&" and [password]='"&old_password&"' and active=true",false)
		json("bStatus")=true
		json("sInfo")="密码已修改，请重新登录"
		session.abandon
	else
		json("sInfo")="原密码错误"
	end if
	rs.close
	set rs=nothing
end if
json.Flush
%>
<!--#include file="lib/connclose.asp"-->